The Internet has become crucial to the every-day operations of billions of individuals, companies, and devices. Access to the Internet is provided by Internet Service Providers (ISPs). A typical business facility might have multiple “circuits” (i.e., bi-directional connections) to the Internet via multiple different ISPs. Sometimes, network connectivity is interrupted or faulty. For example, a circuit associated with one ISP can fail or become inoperable in some way, which causes Internet access through such a circuit to be cut off, become degraded, or otherwise made unavailable. As a result, the reliability and quality of service (QOS) of packets on the network, and network access itself, are diminished.
Conventional techniques attempt to address these deficiencies in different ways. For example, dual wide area network (Dual-WAN) firewalls or routers provide redundancy to Internet connectivity. But this approach employs rudimentary monitoring of circuit status to establish if a circuit is usable or not. If a circuit fails, the failure is often not detected due to the rudimentary monitoring techniques. Even if the failure is detected (often 30 to 120 seconds after the failure), the bad WAN circuit is disabled, and the other WAN circuit is put into use, which results in the source Internet Protocol (IP) address of all sessions to be changed for any traffic that was previously on the broken WAN circuit, thereby breaking any sessions that were established. This can cause voice over IP (VoIP) calls to be dropped, web pages to stop loading, and virtual private networks (VPNs) to be disconnected.
Another conventional approach involves domain name server (DNS)-based load balancer devices. In the event of a circuit failure, the device stops handing out the failed circuit's IP address in DNS responses. The destination IP address of the connection changes, so any application tied to specific IP addresses will be interrupted, including VoIP calls, VPNs, secure shell (SSH) connections, remote desktop applications, or the like. Moreover, since the IP address changes, remote users must re-initiate connections. In addition, DNS caching can cause failover from one circuit to another to malfunction. QOS implementations with DNS-based load balancer devices are essentially ineffective since the traffic has already traversed the entire Internet and ISP network before reaching the DNS-based load balancer device.
Yet another conventional approach is to use the border gateway protocol (BGP). BGP is used as the routing protocol of the Internet by sending “keep-alive” packets across interconnects between routers. If packets are not received for a given interval (usually 30 to 120 seconds), the link is declared down and traffic is re-routed. Implementing BGP at an end-customer site is often prohibitively expensive because the hardware is expensive, the setup and implementation is complex, and the ISP circuits that support BGP are also costly. In practice, ISPs don't support fast enough keep-alive timers for failover between circuits to be seamless. Instead, failover takes 30-120 seconds, resulting in end-user application session timeouts. In addition, with BGP, there is a limited amount of control as to how inbound (e.g., download) bandwidth is distributed.
Accordingly, a need remains for improved methods and systems for providing circuit-aware load balancing with dynamic quality of service. Embodiments of the invention address these and other limitations in the prior art.
The foregoing and other features of the invention will become more readily apparent from the following detailed description, which proceeds with reference to the accompanying drawings.